<?php
session_start();
/*
 * Session variables:
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 */
if(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true)
{   
    if(isset($_SESSION['type']))
    {
        if($_SESSION['type'] == 'administrator')
        {
			$building_name=strtoupper(addslashes(pg_escape_string($_POST['building_name'])));
			$stadd1=strtoupper(addslashes(pg_escape_string($_POST['street_add1'])));
			$stadd2=strtoupper(addslashes(pg_escape_string($_POST['street_add2'])));
			$city=strtoupper(addslashes(pg_escape_string($_POST['city_add'])));
			$province=strtoupper(addslashes(pg_escape_string($_POST['province'])));
			$zip_code=addslashes(pg_escape_string($_POST['zip_code']));
			$num_floors=addslashes(pg_escape_string($_POST['num_floors']));
			$contact_num=addslashes(pg_escape_string($_POST['contact_num']));
        	if($building_name==''||$stadd1==''|| $stadd2==''||$city==''||$province==''||$zip_code==''||$num_floors==''||$contact_num==''||$num_floors<1)
            {
            	$_SESSION['error']='Error in creating building. Put correct information in all fields.';
				header('Location:admin_alert.php');
                exit();
            }
			include('connection.inc');
            
            $sql = "SELECT * FROM buildings where building_name='$building_name'";
            $result = pg_query($sql);
            
            $count = pg_num_rows($result);
            
            if($count >= 1)
            {
                $_SESSION['error']='Building already exists';
                 header('Location:admin_alert.php');
                exit();
            }
            else
            {
                $sql="INSERT INTO buildings (building_name, num_floors, zipcode, contactnum, province, city_or_town, stadd1, stadd2) VALUES ('$building_name', '$num_floors', '$zip_code', '$contact_num', '$province', '$city', '$stadd1', '$stadd2')";
				$result=pg_query($sql);
				header('Location: admin_managebuildings.php');
				exit();
				
            }
        }
        elseif($_SESSION['type'] == 'student')
        {
            header('Location: student_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'tutor')
        {
            header('Location: tutor_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'parent')
        {
            header('Location: parent_index.php');
            exit();
        }
    }
}
else
{
    header('Location: index.php');
}
?>
